Not Production

aspyker edited this page Nov 10, 2014 · 5 revisions

The Docker images created are not intended to be used in production as is. The Docker images created are to allow for easier evaluation of the various NetflixOSS technologies, similar to many other published open source Docker images.

Some reasons why that are not production ready:

High-Availability

The NetflixOSS services shown here are configured as single instances and do not form a cluster with auto-recovery. An additional scheduler for containers would be needed to ensure auto-recovered and highly available placement topologies. For example, Exhibitor has the ability to discover other nodes and share configuration across the cluster via S3. In these images, that is not enabled, but it should be easy to change the configuration and run within a cluster.

Security

There has been no attempt to harden these containers. Specifically, be careful of the Asgard image as it requires you to provide your EC2 credentials. At Netflix, we use on instance keys that expire and IAM roles to ensure keys are not super user and valid in a way that can be exploited by someone forever and would encourage you to run this way as well. We may, in the future, make these images work with these EC2 security concepts, but the intent was to be able to run the images anywhere Docker runs, so we didn't want to set a hard dependency.

Operational Visibility

While all attempts have been made to ensure logs are on standard out, not all services do this by default. Therefore, standard "docker logs" will not have access to all log files. In production we ensure that all logs are maintained and accessible operationally.

If the images change in the future to be more production ready, we will let you know.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.